In an attempt to bolster the number of drones in their botnet the Storm Gang has started sending out more spam email.


Lately, we've seen a trend toward major security-related websites becoming the victim of targeted attacks. Assaults on the sites of Trend Micro, CA, and the volunteer-led security community, CastleCops, are all recent examples of this malicious behavior by hackers.


Shoppers Beware

by Lina on March 7th, 2008 in Security Alerts.

Here at Lavasoft, we constantly come across websites that are trying to piggy back on our name, in order to try to scam people into buying the "product" they're selling. The following is just one example of how scammers will try to take advantage of you.


Researchers predicted that Storm was on the horizon for a new spam bout in mid-February - in order to take advantage of Valentines Day - but it seems to have hit a month early.

You may enjoy seeing messages of love in your e-mail inbox, but you need to be especially cautious of their validity; Storm is now using affectionate notes to worm its way into users' computers.


The folks at Zango contacted us about our blog posting triggered from the Zango/Facebook article that was posted over at Fortinet. They are not happy with the manner in which we've handled our corporate ethics when reporting this information. We'd like to reprint their comments and give them fair space here so that you hear both sides and can make an informed decision for yourself.

[Quote]


fortinetZango, despite their best intentions, just can't seem to help themselves. They are at it again, this time using social engineering to help spread their worm that is masquerading as a secret crush on your Facebook page.

Before you can find out who the secret crush is you have to agree to download an application that allows it to:

(photo: Fortinet)


News Misuse

by Erin on October 30th, 2007 in Security Alerts, Security Tips.

In the last few days, there have been reports of online scams exploiting the wildfires in California, USA. Unfortunately, scams taking advantage of situations like this is nothing new.

In the past, we've seen international news, sports events, and even holidays lead to phishing and fraudulent e-mails. In many cases, disasters and tragedies also bring about fake charity sites popping up on the Web, set up by opportunists looking to cash in on recovery efforts.


A new rogue, known as XP AntiVirus or XPAntiVirus, has been making the rounds. Typical of fraudware, this rogue anti-virus software creates registry entries for fake, non-existent malware that it then "detects" when it scans your PC. This tactic is used to scare you into purchasing the software.

While the program does come with a removal option, when PC users attempt to uninstall it, XP AntiVirus will start up again the next time they reboot.


Patch, Patch, Patch

by Erin on October 11th, 2007 in Security Alerts, Security Tips.

The latest security vulnerabilities have been released from Microsoft. Octobers Patch Tuesday lists four "critical" and two "important" security bulletins (a total of nine vulnerabilities). The applications involved include Microsoft Word, Outlook Express, Internet Explorer, and Kodak Image Viewer.


The latest security vulnerabilities have been released at Microsoft, including 6 critical and 3 important security bulletins (14 vulnerabilities in total).

Learn more.

The Windows programs and operating systems affected include: Vista, XP, Internet Explorer, XML Core Services, Virtual Basic, Office, and Virtual Server.


Beware: Fake Codecs

by Erin on August 17th, 2007 in Security Alerts, Security Tips.

Zlob. Fake codecs. Zlob codecs. Smitfraud Trojan. This online enemy goes by many names, but no matter what it's called, the devious tactics and growth on the web are undeniable.

Zlob Trojans, similar to the closely related Vundo Trojan, are malware that usually masquerade as a codec needed to play a video, and then install adware or malware on an unsuspecting users system. (Below is an example of a request message prompting you to download a fake codec. Click for a larger image).


With the news of the return of the "Storm worm" with a vengeance and reports of the rise and rise of malicious websites, there's really no such thing as being too cautious when you're online.